Critical Vulnerabilities Identified in Schneider and GE Digital’s SCADA Software

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently published an industrial control system advisory related to multiple security vulnerabilities impacting Schneider Electric’s Easergy medium voltage protection relays. The exploitation of those flaws may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay. The two high-severity flaws: CVE-2022-22722 (CVSS score: 7.5) & CVE-2022-22723 and CVE-2022-22725 (CVSS score: 8.8),- affect Easergy P3 versions prior to v30.205 and Easergy P5 versions before v01.401.101.

Binaré offers the security-testing platform to prevent businesses all over the world from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.

More information about the incident:
https://thehackernews.com/2022/02/cisa-warns-of-high-severity-flaws-in.html

190GB Alleged Samsung Data Leakage

“The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company. Lapsus$ split the leaked data in three compressed files that add to almost 190GB and made them available in a torrent that appears to be highly popular, with more than 400 peers sharing the content.”

Binaré has come up with a solution that prevents businesses from cyber-attacks. Binaré is concerned about the security of IoT device your business is using. Come to our web page and check your device with our FREE Demo! The link for the web page: https://binare.io/.

More information about the incident:
https://www.bleepingcomputer.com/news/security/hackers-leak-190gb-of-alleged-samsung-data-source-code/

ATMs, Medical & IoT Devices Affected by “Access:7” Critical Supply Chain Vulnerabilities

7 security bugs have been identified in PTC’s Axeda software that could be exploited to gain unauthorized access to medical and IoT devices. Altogether called “Access:7,” the security flaws are estimated to affect more than 150 device models spanning over 100 different manufacturers, posing a significant supply chain threat.

Binaré offers an effective solution to check your software for a wide range of vulnerabilities and security issues. Check your software for FREE with our Demo here: https://binare.io/!

More information about the incident:
https://thehackernews.com/2022/03/critical-access7-supply-chain.html

Critical Flaws in TerraMaster TOS – Open Door for Remote Hacking of NAS Devices

Discovered in TerraMaster network-attached storage (TNAS) devices security vulnerabilities could be chained to attain unauthenticated remote code execution with the highest privileges. According to Ethiopian cyber security research firm Octagon Networks’ Paulos Yibelo, the security issues residing in TOS (TerraMaster Operating System) could grant unauthenticated attackers access to the victim’s box simply by knowing the IP address.

Binaré’s platform will check your IoT device, e.g. NAS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://thehackernews.com/2022/03/critical-bugs-in-terramaster-tos-could.html

Europe Cyberattack Turns Off About 5,800 Wind Turbines

“A “massive” cyber attack has recently hit Europe which later resulted in an internet outage across the continent.” 5,800 wind turbines, which have a total output of 11 gigawatts, went offline during the incident.

Binaré provides IoT device manufacturers with a platform that checks an IoT device for a wide range of vulnerabilities and security issues (including SBoM/Software-Bill-of-Materials and risky components dependencies) and gives an IoT device manufacturer a detailed report on them. Make a step towards the security of your IoT business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.techtimes.com/articles/272624/20220305/europe-cyberattack-results-massive-internet-outage-5-800-wind-turbines.htm

Swedish Camera Giant Axis Under Cyberattack

The Swedish camera maker Axis claimed it is struggling to deal with a cyberattack that hit its IT systems. “The Swedish camera giant said it got alerts from its cybersecurity and intrusion detection system before it shut down all public-facing services globally in the hopes of limiting the impact of the attack.”

Binaré’s platform will check your IoT device, e.g. camera, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.zdnet.com/article/swedish-camera-giant-axis-still-recovering-from-cyberattack/

Widely Used UPS Devices Under Cyber Threat

According to Armis researchers, successful exploitation of three vulnerabilities in ubiquitous APC Smart-UPS (uninterruptible power supply) devices could allow remote attackers to use them as an attack vector, disable or completely destroy them. “The vulnerable devices, developed by Schneider Electric subsidiary APC, are used all around the globe to provide emergency backup power for critical physical infrastructure (industrial facilities, hospitals, energy suppliers, data centers, etc.).”

Binaré’s platform will check your IoT device, e.g. UPS device, for a wide range of vulnerabilities and security issues and will give you a detailed report on them. Make a step towards security of your business already today: try our FREE Demo at https://binare.io/!

More information about the incident:
https://www.helpnetsecurity.com/2022/03/08/ups-devices-vulnerabilities/

Free icons courtesy of flaticon.com by authors: Freepik, photo3idea_studio

Leave a Reply